<?php
session_start();
require_once 'header.php';
function __autoload($className)
	{
    	require_once('class/' . $className . '.class.php');
	}
session::need_member();
$TicketId=intval($_GET["ticketid"]);
session::need_isset($TicketId, "viewtickets.php");
$UserID=session::getuserid();
if(session::is_manager()==TRUE)
{
	$CheckPermission=1;
}
else 
{
	$CheckPermission=user::checkpermission('tickets', "userid=$UserID", "ticketid=$TicketId");
}
if($CheckPermission==1)
{
	$Soure=$_POST["replysoure"];
	$Check=verify::check($Soure);
	if($Check==0)
	{
		if(session::is_member()==true)
		{
			$UserTicket=$UserID;
		}
		else if(session::is_manager()==true)
		{
			$UserTicket=intval($_GET['userid']);
		}
		$GetReplyId=database::LimitQuery('tickets',array(
		'select' => 'max(replyid)',
		'condition' => array(
		'userid' => $UserTicket,
		)
		));
		$ReplyId=$GetReplyId[0]['max(replyid)']+1;
	
		if(session::is_member()==true)
		{
			$condition=array(
			'ticketid' => $TicketId,
			'userid' => $UserID,
			'userpost' => $UserID,
			'replyid' => $ReplyId,
			'contents' => $Soure,
			'subject' => 'reply'
			);
			$UserTicket=$UserID;
		}
		else if(session::is_manager()==TRUE)
		{
			$condition=array(
			'ticketid' => $TicketId,
			'userid' => intval($_GET['userid']),
			'userpost' => $UserID,
			'replyid' => $ReplyId,
			'contents' => $Soure,
			'subject' => 'reply'
			);
			$UserTicket=intval($_GET['userid']);
		}
		$InsertReply=database::Insert('tickets', $condition);
		redirect::location("viewtickets.php");
	}
	else 
	{
		$_SESSION["erro"]="Your Input has some problem, plz do not use special character as:"." ? (  ~ ) ! = ";
		redirect::location("viewtickets.php");
	}
}
else 
{
	redirect::location("denied.php");
}

?>